By Steve Zurier
Publication Date: 2026-03-24 19:11:00
Citrix on March 23 released patches for a critical out-of-bounds-read bug in NetScaler ADC that security researchers from Rapid7 and watchTowr said will almost certainly be exploited once exploit code becomes public in a few days.

The 9.3 flaw — CVE-2026-3055 — has been described by researchers as similar to the CitrixBleed memory leak vulnerabilities from 2023, which LockBit used against ICBC, Boeing, and DP World.

“Although Citrix states that the vulnerability was identified internally, it is reasonable to expect that threat actors will attempt to reverse engineer the patch to develop exploit capabilities,” watchTowr posted on its LinkedIn page yesterday. “Active watchTowr Platform clients have already been made aware of their exposure, and we are actively supporting remediation.”

Denis Calderone, co-founder and CTO at Suzu Labs, added that the one piece of good news is that this bug only affects NetScaler instances configured as a SAML Identity Provider, not default…